javasslx509certificatepublic-key-encryptionprivate-key

Using Java to Encrypt a private key

I have a generated a private key using CertAndKeyGen class. Now I want to encrypt the private key with a password and use it as key while starting PostgreSQL server. How can I write the Java code to encrypt the private key? Below is my code I use to generate Private Key.

    CertAndKeyGen keypair = new CertAndKeyGen("RSA", "SHA1WithRSA", null);
    PrivateKey privKey = keypair.getPrivateKey();
Solution 
  • public class KeyEncryptExample {

    public static void main(String[] args) {
        try {
            String key = "mariahussain"; // needs to be at least 8 characters for DES

            FileInputStream fis = new FileInputStream("C:/Users/hussain.a/Desktop/original.txt");
            FileOutputStream fos = new FileOutputStream("C:/Users/hussain.a/Desktop/encrypted.txt");
            encrypt(key, fis, fos);

            FileInputStream fis2 = new FileInputStream("C:/Users/hussain.a/Desktop/encrypted.txt");
            FileOutputStream fos2 = new FileOutputStream("C:/Users/hussain.a/Desktop/decrypted.txt");
            decrypt(key, fis2, fos2);
        } catch (Throwable e) {
            e.printStackTrace();
        }
    }

    public static void encrypt(String key, InputStream is, OutputStream os) throws Throwable {
        encryptOrDecrypt(key, Cipher.ENCRYPT_MODE, is, os);
    }

    public static void decrypt(String key, InputStream is, OutputStream os) throws Throwable {
        encryptOrDecrypt(key, Cipher.DECRYPT_MODE, is, os);
    }

    public static void encryptOrDecrypt(String key, int mode, InputStream is, OutputStream os) throws Throwable {

        DESKeySpec dks = new DESKeySpec(key.getBytes());
        SecretKeyFactory skf = SecretKeyFactory.getInstance("DES");
        SecretKey desKey = skf.generateSecret(dks);
        Cipher cipher = Cipher.getInstance("DES"); // DES/ECB/PKCS5Padding for SunJCE

        if (mode == Cipher.ENCRYPT_MODE) {
            cipher.init(Cipher.ENCRYPT_MODE, desKey);
            CipherInputStream cis = new CipherInputStream(is, cipher);
            doCopy(cis, os);
        } else if (mode == Cipher.DECRYPT_MODE) {
            cipher.init(Cipher.DECRYPT_MODE, desKey);
            CipherOutputStream cos = new CipherOutputStream(os, cipher);
            doCopy(is, cos);
        }
    }

    public static void doCopy(InputStream is, OutputStream os) throws IOException {
        byte[] bytes = new byte[64];
        int numBytes;
        while ((numBytes = is.read(bytes)) != -1) {
            os.write(bytes, 0, numBytes);
        }
        os.flush();
        os.close();
        is.close();
    }

}